Gerald24AltostratusJul 20, 2022Active/Active HA SetupI have a question regarding HA Setup with Active/Active Setup.I want to perform sync in both devices without affecting the configured routes of Both F5. Do you have an idea how could I do it? I'm trying to configure it in an F5 VE AWS environment.
1 ReplyReplies sorted by Most LikedSort ByMost LikedOldestNewestStephanMantheyMVPJul 20, 2022There is a way to put configuration objects (i.e. virtuals, pools,profiles) and file objects (i.e. certs/keys) into folders. You would run your BIG-IPs not in a sync-failover device group, but in a sync-only device group. To create the folder you might follow this example: tmsh create sys folder allsites_synconly \ device-group devgroup_sync-only_all-sites \ traffic-group none tmsh save sys config partitions all Objects like certificates may be imported/assigned to a folder like this: tmsh create sys file ssl-key allsites_synconly/cert_service.bit \ source-path file:/shared/service.bit/service.bit.key tmsh create sys file ssl-cert allsites_synconly/cert_service.bit \ source-path file:/shared/service.bit/service.bit.crt If you prefer using the TMUI, don´t forget to put the folder always in front of your objekt name, i.e.:
StephanMantheyMVPJul 20, 2022There is a way to put configuration objects (i.e. virtuals, pools,profiles) and file objects (i.e. certs/keys) into folders. You would run your BIG-IPs not in a sync-failover device group, but in a sync-only device group. To create the folder you might follow this example: tmsh create sys folder allsites_synconly \ device-group devgroup_sync-only_all-sites \ traffic-group none tmsh save sys config partitions all Objects like certificates may be imported/assigned to a folder like this: tmsh create sys file ssl-key allsites_synconly/cert_service.bit \ source-path file:/shared/service.bit/service.bit.key tmsh create sys file ssl-cert allsites_synconly/cert_service.bit \ source-path file:/shared/service.bit/service.bit.crt If you prefer using the TMUI, don´t forget to put the folder always in front of your objekt name, i.e.:
Recent DiscussionsWAF for APM Oauth Authorization VSAdd/Remove IP address in IP Intelligence through API on BIGIPglobal-settings remote-host - what is the use of this setting ?Exchange server extended protection and BigIPF5 license application
Related ContentF5 Active Standby Node ConfigurationRe activate license failedNeed recommendation on Active-Active F5 setupIn an active/standby setup of ASM, with sync only device group, do signature updates sync up?Activate serverssl profile in iRule